The information in this document is based on these software and
hardware versions:

Cisco Secure ACS SE 3.2.2. build 5

Microsoft 2000 Stand Alone CA server

Microsoft 2000 Enterprise CA Server

The information in this document was created from the devices in a
specific lab environment. All of the devices used in this document started with
a cleared (default) configuration. If your network is live, make sure that you
understand the potential impact of any command.

Click Save and rename the CA Server Certificate
from certnew.cer to a name that is easy to remember. This example uses
ca-cert.cer. After the file is renamed, save this ca-cert.cer
to the FTP server's root directory.

Browse back to the CA Server's web page.

Click Next and select Advanced
Request.

Click Next and select Submit a
certificate request using a base64 encoded PKCS #10 file or a renewal request
using a base64 encoded PKCS #7 file.

Click Next and paste in the Certificate Service
Request that you copied to a Notepad file from step 6.

Click Submit.

Select Base 64 encoded and click Download
CA certificate.

Click Save and rename this certificate from
certnew.cer to a name that you can remember. This example uses
acs-cert.cer. Save this file to your FTP server's root
directory.

Select System Configuration > ACS
Certificate Setup > Edit Certificate Trust List
and verify your CA server is listed. Once it is found, check the box next to
the name.

Click Submit.

Select System Configuration > Service
Control and click Restart.

Select Administration Control > Access
Policy and under the HTTP Configuration section under Secure Socket
Layer Setup, check Use HTTPS Transport for Administration
Access. Once this is complete click Submit. Your ACS
SE is now able to be used via an SSL browser session.